WHAT IS CLAIMED IS: 



1 1 . A method for managing connections in a network comprising: 

2 receiving a packet associated with a request for a protocol-based 

3 connection; 

4 assigning the packet to a selected one of a plurality of classes; 

5 forwarding the packet if number of packets forwarded from the selected 

6 class in a predetermined time interval has not reached a first maximum count; and 

7 dropping the packet if number of packets forwarded from the class in the 

8 predetermined time interval has reached the first maximum count. 

1 2. The method of claim 1 wherein the first maximum count is 

2 adjustable to effectuate different rates of packet forwarding for the selected class. 

1 3. The method of claim 1 wherein the predetermined time interval 

2 is adjustable to effectuate different rates of packet forwarding for the selected class. 

1 4. The method of claim 1 wherein a counter associated with the 

2 selected class is used to determine whether number of packets forwarded from the 

3 selected class in the predetermined time interval has reached the first maximum count. 

1 5. The method of claim 4 wherein the counter is a count-down 

2 counter. 

1 6. The method of claim 1 wherein the packet is forwarded only if a 

2 count of active connection requests has not reached a second maximum limit. 

1 7. The method of claim 6 wherein the count of active connection 

2 requests is incremented when a packet associated with a request for a protocol-based 

3 connection is forwarded from the selected class. 

1 8. The method of claim 6 wherein the count of active connection 

2 requests is decremented when a protocol-based connection is established. 

1 9. The method of claim 6 wherein the count of active connection 

2 requests is decremented when a protocol-based connection is terminated before being 

3 established. 
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1 10. The method of claim 1 further comprising: 

2 after forwarding the packet, receiving an additional packet associated 

3 with the requested protocol-based connection; 

4 assigning the additional packet to a pass-through class; and 

5 forwarding the additional packet even if the first maximum count or the 

6 second maximum count has been reached. 

1 11. The method of claim 1 0 wherein the additional packet relates to 

2 status of the requested protocol-based connection. 

1 12. The method of claim 10 wherein the additional packet relates to 

2 termination of the requested protocol-based connection. 

1 13. The method of claim 1 wherein the protocol-based connection is 

2 based on a Point-to-Point Protocol (PPP). 

1 14. The method of claim 1 wherein the protocol-based connection is 

2 based on a Point-to-Point Protocol over Ethernet (PPPoE). 

1 15. The method of claim 1 wherein the protocol-based connection is 

2 based on a Layer Two Tunneling Protocol (L2TP). 

1 16. The method of claim 1 wherein the protocol-based connection is 

2 based on a Dynamic Host Configuration Protocol (DHCP). 

1 1 7. An apparatus for managing connections in a network comprising: 

2 a control plane operable to process requests for protocol-based 

3 connection; and 

4 a data plane operable to 

5 receive a packet associated with a request for a protocol-based 

6 connection, 

7 assign the packet to a selected one of a plurality of classes, 

8 forward the packet to the control plane if number of packets forwarded 

9 from the selected class in a predetermined time interval has not reached a first 
10 maximum count, and 
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1 1 drop the packet if number of packets forwarded from the class in the 

1 2 predetermined time interval has reached the first maximum count. 

1 18. The apparatus of claim 1 7 wherein the first maximum count is 

2 adjustable to effectuate different rates of packet forwarding for the selected class. 

1 19. The apparatus of claim 17 wherein the predetermined time 

2 interval is adjustable to effectuate different rates of packet forwarding for the selected 

3 class. 

1 20. The apparatus of claim 17 wherein a counter associated with the 

2 selected class is used to determine whether number of packets forwarded from the 

3 selected class in the predetermined time interval has reached the first maximum count. 

1 21. The apparatus of claim 20 wherein the counter is a count-down 

2 counter. 

1 22. The apparatus of claim 1 7 wherein the packet is forwarded only 

2 if a count of active connection requests has not reached a second maximum limit. 

1 23. The apparatus of claim 22 wherein the count of active connection 

2 requests is incremented when a packet associated with a request for a protocol-based 

3 connection is forwarded from the selected class. 

1 24. The apparatus of claim 22 wherein the count of active connection 

2 requests is decremented when a protocol-based connection is established. 

1 25. The apparatus of claim 22 wherein the count of active connection 

2 requests is decremented when a protocol-based connection is terminated before being 

3 established. 

1 26. The apparatus of claim 17 further comprising: 

2 after forwarding the packet, receiving an additional packet associated 

3 with the requested protocol-based connection; 

4 assigning the additional packet to a pass-through class; and 

5 forwarding the additional packet even if the first maximum count or the 

6 second maximum count has been reached. 
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1 27. The apparatus of claim 26 wherein the additional packet relates 

2 to status of the requested protocol-based connection. 

1 28. The apparatus of claim 26 wherein the additional packet relates 

2 to termination of the requested protocol-based connection. 

1 29. The apparatus of claim 1 7 wherein the protocol -based connection 

2 is based on a Point-to-Point Protocol (PPP). 

1 30. The apparatus of claim 1 7 wherein the protocol-based connection 

2 is based on a Point-to-Point Protocol over Ethernet (PPPoE). 

1 31. The apparatus of claim 1 7 wherein the protocol-based connection 

2 is based on a Layer Two Tunneling Protocol (L2TP). 

1 32. The apparatus of claim 1 7 wherein the protocol-based connection 

2 is based on a Dynamic Host Configuration Protocol (DHCP). 

1 33. A system for managing connections in a network comprising: 

2 means for receiving a packet associated with a request for a protocol- 

3 based connection; 

4 means for assigning the packet to a selected one of a plurality of classes; 

5 means for forwarding the packet if number of packets forwarded from 

6 the selected class in a predetermined time interval has not reached a first maximum 

7 count; and 

8 means for dropping the packet if number of packets forwarded from the 

9 class in the predetermined time interval has reached the first maximum count. 
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